Using link state information to discover IP network topology

ABSTRACT

A system for determining a topology associated with a network such as an enterprise network. The system includes a data collection agent  204  configured to (a) identify a first set of routers from among a larger, second set of routers in an enterprise network, (b) contact each of the routers in the first set of routers but not each of the other routers in the second set of routers, and (c) load network information maintained by at least some of the contacted routers in the first set of routers. The loaded network information can then be used to form a network or routing topology of the enterprise network.

CROSS REFERENCE TO RELATED APPLICATIONS

The present application claims priority from U.S. ProvisionalApplication Ser. No. 60/317,719, filed Sep. 6, 2001, of the same title,to Goringe, et al., and from U.S. Provisional Application Ser. No.60/347,050, filed Jan. 8, 2002, entitled “Topology Discovery byPartitioning Multiple Discovery Techniques,” to Goringe, et al, each ofwhich is incorporated herein by this reference.

FIELD OF THE INVENTION

The present invention relates generally to networks and specifically tomethods and devices for determining network or routing topology.

BACKGROUND OF THE INVENTION

Distributed processing networks are gaining increasing importance in ourinformation-based society. FIG. 1 depicts a network topology of a simplecomputer network. The network 100 comprises a plurality of routers 104a–g, a transit network 108, and a stub network 112, all interconnectedby links 116 a–i. As will be appreciated, a router is a deviceconnecting two or more networks that routes incoming data or packets toan appropriate network/node; a transit network is a network containingmore than one router; a stub network is a network containing only onerouter; and a link is a communication channel between two or more nodes.Each of the routers is typically attached to a link via one or moreinterfaces, such as interfaces 120 a–n. The simple network of FIG. 1 isdivided into two protocol regions with the dashed line 124 being theboundary between the two regions. Router 104 c is located on theboundary 124 and is typically referred to as an area border router whilethe other routers 104 a–b and d–g are not area border routers. One ormore protocol regions are often autonomous systems. An autonomous systemis a collection of networks controlled by a single administrativeauthority.

In a packet-switched network, the technique used to route a packetthrough interconnected networks depends on the routing protocol. Mostprotocols fall into one of two categories, distance-vector algorithms(which make routing path decisions based on a number of router hops apacket traverses en route from the source network to the destinationnetwork) and link-state algorithms (which use link state advertisementor LSA (containing the names and various cost metrics of a router'sneighbors in a defined area) to keep routers informed about links in thenetwork). Rather than storing the next hop (which is the case withdistance-vector algorithms), link-state algorithms store the informationneeded to generate routing paths. Examples of router protocols usingdistance-vector algorithms include EIGRP, RIP and RIP-2 and usinglink-state algorithms include Open Shortest Path First or OSPF, OSI'sIS—IS, and Netware's Link Service's Protocol (NLSP).

Routers and other network components are typically managed using anetwork management system. Network management systems perform networkmaintenance, identify possible security problems in the network, locateequipment, module, subassembly, and card failures, locate circuitoutages, monitor levels of performance (e.g., bit error rates or BERs,loss of synchronization, etc.) and permit rapid and accuratequantification of network usage and traffic levels. Examples of networkmanagement systems used for performing the foregoing tasks includeHewlett-Packard's OpenView™, IBM's Netview™, and Digital EquipmentCorporation's Enterprise Management Architecture or EMA™.

For optimal operation of network management systems, an accurate,detailed map of the network or OSI layer 3 topologies is commonlyrequired. Such a map not only facilitates operation of the networkmanagement system but also permits newly attached hosts to be properlylocated and configured for the network (to avoid adversely impactingnetwork performance) and existing hosts to be properly located for thenewly attached host. In common practice, a detailed map of the network'stopology is, in whole or part, unavailable to network managementpersonnel. This can be due to poor record keeping, the sheer size andcomplexity of some networks, and the lack of central management of anetwork, such as where a network includes a number of autonomous systemsor enterprises.

The discovery of network topology is not a simple task for networkadministrators. Simple Network Management Protocol or SNMP algorithmsfor discovering automatically network layer (or OSI Layer 3) topologyare used in many network management tools. Such algorithms use onlybasic IP primitive functionality and are very slow. Typically, thetechniques flood the network with ping commands for every possible hostor interface address, which can not only interfere with the operationalefficiency of the network but also require an extensive use ofcomputational resources to analyze the received information. Althoughvendor-specific solutions exist, they typically rely on thevendor-specific extensions to the standard SNMP MIBs that are not usefulin a typical multi-vendor network. Other known network topologydiscovery algorithms use the Managed Information Base on MIB informationstored by all routing protocols. Every router must be contacted by thisalgorithm. MIB information is, of necessity, the lowest commondenominator-type of information available on all routers, regardless ofrouting protocol, and cannot contain more information than provided bythe weakest link, namely distance-vector algorithms (i.e., informationrelating to the nearest neighbor only). Contacting every router isproblematical because any routers not running SNMP cannot provide theMIB information.

SUMMARY OF THE INVENTION

These and other needs are addressed by the various embodiments andconfigurations of the present invention. The methods and apparatuses ofthe present invention obtain routing and/or network-related informationto populate the network topology.

In one embodiment of the present invention, the method and apparatus isused for an enterprise network. The network is divided into at least tworouting regions. Each region includes first and second sets of routers.In one configuration, a region is an area as defined by the OSPFprotocol or an analogy thereof under another protocol. Each routercontains information regarding network components and links in theregion. The routers in the first sets of routers and, at most, only someof the routers in the second sets of routers are contacted to obtainrouting topology information. For example, in the OSPF protocol onlyarea border routers (apart from the initially contacted (or gateway)router) are typically contacted. As will be appreciated, area borderrouters contain network information about the hosts, links and networksin all of the areas on whose borders they are located while non-areaborder routers contain information about the hosts, links, and networksin the area in which they are located and at most only summarized(incomplete) information about these components in other areas.

The above embodiments can have a number of advantages. The algorithmscan provide an accurate, detailed, and updated map of the network. Thispermits network administrators not only to properly locate and configurenewly attached hosts but also to locate existing hosts for the newlyattached host, perform network maintenance, identify possible securityproblems in the network, and perform rapid and accurate identificationof network problems and bottlenecks. The algorithms can provide thesebenefits at relatively fast speeds and with minimal impact on networktraffic and on the operation of the network. Typically, the techniquesof the present invention do not flood the network with ping commands forevery possible host or interface address, which not only interferes withthe operational efficiency of the network but also require an extensiveuse of computational resources to analyze the vast amounts of receivedinformation. Rather, the techniques of the present invention identifyonly certain routers, such as area border routers, which contain theinformation necessary to permit a routing or network topology to begenerated. In some applications, the algorithms of the present inventionquery on average only one router per region. The algorithms of thepresent invention are not limited to vendor-specific architectures.Rather, the algorithms can generate such topologies from a network usinga plurality of routing protocols and/or containing computationalcomponents from multiple vendors. These and other advantages will beapparent from the disclosure of the invention(s) contained herein.

The above-described embodiments and configurations are neither completenor exhaustive. As will be appreciated, other embodiments of theinvention are possible utilizing, alone or in combination, one or moreof the features set forth above or described in detail below.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 depicts a simple network topology according to the prior art;

FIG. 2 is a block diagram depicting a computational architectureaccording to an embodiment of the present invention;

FIG. 3 is a flowchart depicting the operation of the data collectionagent;

FIG. 4 depicts a router table output by the data collection agent;

FIG. 5 depicts an LSA table output by the data collection agent;

FIG. 6 is a flowchart depicting the operation of the data analyzingagent;

FIG. 7 depicts a router list output by the data analyzing agent;

FIG. 8 depicts a link list output by the data analyzing agent;

FIG. 9 depicts a network list output by the data analyzing agent; and

FIG. 10 depicts an interface list output by the data analyzing agent.

DETAILED DESCRIPTION System Overview

FIG. 2 refers to a network topology generator 200 according to anembodiment of the present invention. The generator 200 is configured tobe connected to an access point of a computer network, such as to stubnetwork 112, to send communications to and receive communications fromhosts, typically routers. The generator 200 comprises a data collectionagent 204 configured to gather selected information regarding thenetwork topology by contacting selected routers in each desired routingregion and a data analyzing agent 208 configured to analyze the gatheredinformation and generate an output from which the (OSI Layer 3) networktopology can be derived. The data collection agent 204 uses a routertable 212 (FIG. 4) to list identified selected routers (and/orinterfaces thereof) and determine whether or not the routers have beencontacted and, if so, the result. The data collection agent 204 outputsthe link state advertisement or LSA table 216 (FIG. 5), which is alisting of link state advertisements or LSAs obtained from the linkstate databases in the contacted routers. As will be appreciated, thelink state database, as defined by the OSPF protocol, is a listing oflinks with each link being defined by end points and a cost metricassociated with the link. Each area border router within a routingregion has a complete copy of the database for all regions on whoseborder the router is located (or with which the area border router isassociated). However, the non-area border routers within one routingregion typically have a complete copy of the database in the region inwhich it is located and do not have the same link state database as arouter in a different routing region.

Based on the LSA table, the data analyzing agent 208 outputs three orfour further tables (depending upon the embodiment), namely, the routerlist 220 which contains router information (FIG. 7), the link list 224which contains link information (FIG. 8), the network list 228 whichcontains network information (FIG. 9), and the interface list 1100 whichcontains router interface information (FIG. 11). These tablescollectively provide the network routing topology and the attributes ofthe network elements represented therein. As will be appreciated,“routing topology” refers to the logical network topology described by aparticular routing protocol. Based on the router, link, network, and/orinterface lists, a map or model of the routing topology can be generatedautomatically or manually. If more than one routing protocol is in use,there may be more than one distinct routing topology. As will beappreciated, the routing topology can be quite different from thephysical network topology.

Before discussing the operation of the data collection and analyzingagents 208, it is important to understand certain features of the OSPFprotocol. A router is typically identified by a unique router ID and isassociated with a unique area ID. A router typically does not itselfhave an IP address. An interface is a logical device belonging to a hostsuch as a router that can be the attachment point of a link. Typically,an interface will have zero or one IP address and belong to a network.The interface will normally have an interface number and a network mask.A link contains two or more bindings of a source interface and a metricor cost. It is templated by the metric representation which is specificto the routing protocol and represents the cost for a packet to leave aninterface. A link is typically associated with a cost metric and arouting protocol identifier. A network object represents a data networkor subnet. It has an address and a mask and represents an address spacein which a set of hosts is contained. A network object may derive itsaddress and/or its mask from its member interfaces if these values havenot been set by the data collection agent 204.

The Data Collection Agent

Referring now to FIG. 3 operation of the data collection agent 204 willnow be discussed.

In step 300, the data collection agent 204 is created.

The data collection agent 204 in step 304 uses one or more seed IPaddresses to contact a host router in one or more selected routingregions. The router(s) contacted initially by the data collection agent204 are hereinafter referred to as a gateway router(s). In a preferredimplementation, only one seed IP address is employed. If the user hasnot configured the data collection agent 204 to use a particular routeras the initial gateway, the seed address can be determinedautomatically. The method by which this is determined isplatform-dependent. For all platforms, the gateway is taken from thefirst routing table entry that has a valid gateway field. The SimpleNetwork Management Protocol or SNMP techniques used to contact thegateway router can be routing protocol specific. For example, RFC1850provides the specifications for contacting a router using the OSPFprotocol-specific techniques for SNMP.

In decision diamond 308, the data collection agent 204 determineswhether the gateway router has responded to the generator 200 within apredetermined time period. If not, the data collection agent 204terminates operation and notifies the user of an error and requests afurther seed address. If so, the data collection agent 204 proceeds tostep 312.

In step 312, the data collection agent 204 downloads the link statedatabase of the gateway router into memory 232.

Next, the data collection agent 204, in step 316, decodes the downloadedlink state database by known techniques. Generally, the data collectionagent 204 parses the tightly compacted binary data and converts it intoan internal representation of the database in which the various fieldsand field entries in the link state database are identified and groupedtogether. This step is important to permit the information to befiltered in later steps.

The techniques used in the decoding step are protocol specific. Eachprotocol's specifications define how the database is configured andtherefore mandate how the database is to be converted into a useableformat. In the OSPF protocol, for example, the byte-stream containingOSPF LSAs packed in network byte order are transformed into a sequenceof well-defined structures. The LSAs are taken from the ospfLsdb Tablein the OSPF MIB (OSPFMIB). The agent 204 uses the Lsa::Parse( ) methodto retrieve the corresponding Lsa object. The class hierarchy uses adecorator pattern or other suitable design to work around the fact thatthe LSA must be partially parsed before the correct Lsa subclass can becreated. Processing of the retrieved Lsa subclass object is performedusing any suitable design, such a visitor pattern.

In the filtering step 320, any LSAs for computational components outsidethe current routing region are discarded. In the filtering step, thedata collection agent 204 is interested in identifying and recording LSAinformation for computational components in the current region (in whichthe gateway router is a part) and information for at least one areaborder router serving the current region. Because in a preferredconfiguration the data collection agent 204 contacts only area borderrouters and/or their associated interfaces, LSA information forcomputational components in other routing regions can be obtained froman area border router serving that routing region. The information aboutarea border routers (and/or their associated interfaces) can be obtainedfrom the link state database and/other tables in the gateway router.

The data collection agent 204, in step 324, adds the IP address (and/orrouter identifier) of each area border router and/or area border routerinterface in the database to the router table. The router table is usedto identify the area border routers (and/or their attached interfaces)for later contacting by the data collection agent 204. An example of therouter table is shown in FIG. 4 in which a router or router interface isidentified by an IP address 400 and is associated with a flag state 404(which is discussed in detail below).

In one configuration, the area border routers are added to the areaborder router table only if they are associated with (or located on aborder of) a selected region (which is typically within the enterprisenetwork or autonomous system). In other words, area border routers thatare only associated with regions that are not of interest are not addedto the area border router table. In some configurations, the algorithmis self-limiting in that the algorithm only adds area border routers tothe table 212 if the routers are configured according to a selectedrouting protocol and/or otherwise contactable. The routing protocol isused in all regions of the enterprise network but is typically not usedin regions outside of the enterprise network. Even if the undesiredregions use the routing protocol, the regions are part of anotherautonomous system having different credentials which must be known togain access to the router's databases. These credentials are typicallynot known to those that are not part of the autonomous system.Accordingly, the area border routers in such undesired regions willultimately not provide information in their databases to the datacollection agent 204. In another configuration, the data collectionagent 204 will add the area border router to the table 212 and/orcontact the area border router only if the area border is associatedwith an IP address falling within a predetermined set of IP addresses.This configuration permits the data collection agent 204 to collectinformation only about some but not all regions of an enterprisenetwork. In yet another configuration, the data collection agent 204 cannotify the user whenever a new region is discovered and query the userwhether or not the region is of interest to the user and thereforewhether or not the area border routers associated with that regionand/or their respective interfaces are to be added to the router table212 and the link state advertisements associated with that region are tobe added to the LSA table 216.

In step 328, the data collection agent 204 further adds all LSAinformation in the current region to the link table. Each listed LSA 500has a corresponding region identifier 504 (which is defined by theapplicable routing protocol).

The data collection agent 204, in step 332, sets the flag 404 (FIG. 4)for an existing router entry and for each of the newly added routerentries. The flag can have any of the states below:

-   -   NOTVISITED: No attempt has yet been made to contact the area        border router.    -   TRIED: An attempt to process the area border router has failed.        Further attempts to contact the router can be allowed, depending        on the configuration.    -   DONE: Either the area border router has been successfully        visited and processed or it cannot be processed. In either case,        no further attempts are made to process the area border router.

As will be appreciated, the area border router and the LSA tables 212and 216 are initially empty. The initial gateway router is determined tobe an area border router when it contains more than one entry in theospfAreald row (for OSPF protocol). If the initial gateway router is anarea border router, it is added to the area border router table 212 witha status of DONE.

If the initial gateway router is not an area border router, the startingpoint for processing a region is a region identification and a hostrouter. The link state database for the specified region is retrievedfrom the host router. The link state database is available from the OSPFMIB (OSPFMIB) in the ospfLsdbTable (for OSPF protocol). Each LSA is thenadded to the LSA table 216 and the area border routers of the currentregion identified and added to the area border router table 212 with astatus of NOTVISITED. .

In step 336, the data collection agent 204 sequentially scans the areaborder router table 212 and determines whether there are unprocessedentries in the table. There are three cases to consider:

-   -   All the table members have the status DONE. In this case, the        algorithm is finished and proceeds to step 340.    -   There is at least one list member with the status NOT VISITED.        In this case, the algorithm picks one of these and proceeds to        step 344.    -   There are no members with a status of NOTVISITED, but there is        at least one with a state of TRIED. In this case, the algorithm        picks one of these and proceeds to step 344.

In step 344, the data collection agent 204 contacts the selected areaborder router and in step 348 determines if a response was receivedwithin a predetermined time interval. If a response was received withinthe time interval, the data collection agent 204 returns to step 312. Ifno response was received within the time interval, the data collectionagent 204 sets the flag for unsuccessfully contacted router to “DONE”and returns to step 332 to select another area border router to contact.

When the data collection agent 204 repeats steps 312, 316, 320, 324, 328and 332 for an area border router, the steps are performed the same wayas for the gateway router with certain exceptions. In step 332, if thearea border router (or its corresponding interfaces) has no known IPaddresses, the corresponding entry in the area border router table isupgraded from NOTVISITED to TRIED or from TRIED to DONE. Otherwise, instep 320 the ospfAreald row of the OSPF MIB area table (OSPFMIB) is readusing SNMP. This provides a list of all the regions of which the areaborder router is a member. If there is an SNMP error, the host is markedin step 332 as DONE. In step 328, for each area border router that issuccessfully visited, the data collection agent 204 examines each areaattached to the area border router. If the area already exists in theLSA table 216, the area is discarded and the next area examined.Otherwise, the area identifier and area border router information areprocessed as noted above in reference to step 328 for an area borderrouter.

Data Analyzing Agent

FIG. 6 depicts the operation of the data analyzing agent 208.

The data analyzing agent 208 is created in step 600 and accesses theLink State Advertisement or LSA table in step 604.

The data analyzing agent 208 in step 608 sets i equal to 2. I is acounter used to control which link types are to be considered. The LSAtable 216 is traversed in reverse numerical order based on LSA type. LSAtype 2 is considered before LSA type 1. This ordering enables thealgorithm to make a number of assumptions about the state of the networkmodel data structures when processing router advertisements.

As will be appreciated, in the OSPF protocol there are at least sevenLSA types, namely LSA type 1 is a router advertisement, LSA type 2 is anetwork advertisement, LSA type 3 is a network summary, LSA type 4 is anautonomous system or AS-border router summary, LSA type 5 is AS externaladvertisement, LSA type 6 is a group membership advertisement, and LSAtype 7 is an advertisement used in NSSA areas. Because the agent 208 isconcerned only with the current routing protocol domain, external routeadvertisements are ignored. Summary advertisements, and advertisementsof an unrecognized type are also ignored. In the configuration of FIG.6, LSA types 3, 4, and 6 are ignored. Only LSA types 1 and 2 areconsidered. In other configurations, the other LSA types, such as LSAtypes 3 and 4, are also considered. As will be appreciated, the LSAtypes to be ignored can be discarded either by the data analyzing agent208 or by the data collection agent 204 in filtering step 320 of FIG. 3,as desired.

In decision diamond 612, the agent 208 determines whether i is equal to2. When the value is equal to 2 (or a type 2 LSA is to be considered),the agent 208 proceeds to step 616 a (discussed below), and when thevalue is not equal to 2 (or a type 1 LSA is to be considered) the agent208 proceeds to step 616 b (discussed below).

In steps 616 a and b, a second counter J is set equal to 1. J is used torefer to the LSA in the set of LSAs associated with each region. Thisrelationship is illustrated in FIG. 5. For region 1, LSA 1 is the firstLSA in the set; LSA 2 the second, and so forth.

In step 620, the data analyzing agent 208 selects the first type 2 LSAin the set of LSAs for the first area, or with reference to FIG. 5 thearea having id 1. As will be appreciated, in the OSPF protocol type 2LSAs are originated for broadcast and NBMA networks that appear astransit networks in the OSPF topology.

Step 620 can be performed in several ways.

In one configuration, interfaces are not specifically considered. Thedata analyzing agent 208 parses the LSA and, for each type 2 LSA,identifies routers and a network associated with a link defined by theadvertisement. In the OSPF protocol, the LSA will normally identify adesignated router and one or more attached routers. The objects in theLSA are instantiated and listed in the router, network, and/or linklistings 220, 224, and 228, respectively, as appropriate.

In another configuration, interfaces are considered as well as othernetwork components. For each type 2 LSA, a transit network object isconstructed to represent the network, and router objects are constructedto represent each attached router. The link state ID is used to createan interface for the advertising (designated) router. Interfaces arecreated for all the attached routers named in the advertisement but IPaddresses are not assigned to these interfaces since they are notspecified in the advertisement. The OSPF data attributes are set foreach new router that is created. The advertising router is recorded asbeing the designated router for the new transit network.

In step 624 a, J is set to J+1, and in step 628 a, the data analyzingagent 208 determines if there is in the LSA table 216 a type 2 LSAcorresponding to the selected area and to the incremented counter. Ifthere is such an LSA, the data analyzing agent 208 returns to step 620.If there is no such LSA, the data analyzing agent 208 proceeds to step632 a.

In step 632 a, the data analyzing agent 208 determines if there isregion (i.e., area as defined by OSPF) in the LSA table 216 which hasyet to be considered. If there is such an area, the data analyzing agent208 selects that area and repeats steps 620, 624 a, and 628 a for thatarea. If all of the areas have been considered, the data analyzing agent208 proceeds to step 636 a.

In step 636 a, i is decremented, and in step 640 a, the data analyzingagent 208 determines if i is equal to zero. If i is not equal to zero,the data analyzing agent 208 returns to step 612, and if i is equal tozereo the data analyzing agent 208 proceeds to step 644 and terminatesexecution of the algorithm.

The loop 652 is the same as the above loop except that the loop isexecuted for a type 1 LSA.

Step 648 differs from step 620 in a number of respects. As will beappreciated in the OSPF protocol certain LSA types have extensions. Atype 1 LSA, for example, can be a combination of 4 types of routerlinks: namely, a point-to-point link (subtype 1), apoint-to-transit-network link (subtype 2), a point-to-stub-network link(subtype 3), and a virtual link (subtype 4). The virtual link isignored. There are two reasons for this: first, the link described bythe virtual link does not really exist in the routing topology but thevirtual link uses the inter-area routing of its transit area to forwardpackets and second the IP address information in the link data fieldcannot be used since there is no indication of which interface the IPaddress should be assigned to.

Like step 620, step 648 can be performed in a number of ways.

In one configuration, interfaces are not specifically considered. Thedata analyzing agent 208 parses the LSA and identifies the endpointsreferenced in the LSA. The endpoints will be either a router and/or atransit or stub network. In the OSPF protocol, the LSA will normallyidentify a designated router and one or more attached routers. Theobjects in the LSA are instantiated and listed in the router, network,and/or link listings 220, 228, and 224, respectively, as appropriate.

In another configuration, interfaces are considered along with othernetwork components, and the extensions may be handled differently.Generally, each interface is identified by matching or pairing upcorresponding type 1 and 2 LSAs. The matching is done by finding aninterface IP address in each LSA that is the same, i.e., the interfaceIP address of the advertising router. Regarding point-to-point links,such links do not require IP addresses and therefore require specialhandling of LSAs. The problem is that for unnumbered point-to-pointlinks, there is no way of telling whether the link data field containsan IP address or an interface index. Because in the OSPF protocol anyparticipants in a numbered point-to-point link must issue a subtype 3router link in conjunction with a subtype 1 router link, anypoint-to-point link (which will have a corresponding subtype 1 routerlink) that has no corresponding subtype 3 router link (i.e., is assumedto be unnumbered. This condition can be detected by known techniques.The subtype 1 router link specifies the router ID of the far end of thelink and the IP address (for a numbered link) or interface number (foran unnumbered link) of the outgoing interface. If a numbered link cannotbe distinguished from an unnumbered link by the existence of thecorresponding subtype 3 link, the link is added to a set of outstandingsubtype 1 links and processed only when the corresponding subtype 3 linkis encountered. The subtype 2 router link specifies a point-to-pointlink from a router to the designated router for a transit network. Sincethe agent 208 has already processed the corresponding type 2advertisement, both the advertising router and the designated routerobjects have already been created and are members of a common transitnetwork. For both the advertising router and the designated router, thesubtype 2 router link allows the addition of an IP address to theinterface that connects the transit network. When all LSA processing iscompleted, any outstanding subtype 1 links in the set of outstandingsubtype 1 links must be unnumbered point-to-point links and new objectsare constructed to represent such links. The outgoing interface of theadvertising router is assigned an interface number but no IP address.

In the latter configuration of step 648, the data analyzing agent 208typically identifies at least most of the host (router) interfaces by IPaddress. When that is not the case (e.g., an interface of a routerconnected to a stub network), the corresponding router is polled toobtain this information.

The output linked listings are shown in FIGS. 7–9. FIG. 7 is acomprehensive listing of routers, both designated and attached, in theenterprise network or autonomous system. The routers are identified byrouter ID 700 (and/or by IP address (not shown)), associated regionidentifiers 704, and/or by one or more pointers referencing associatedinterfaces in the interface list. As will be appreciated, an area borderrouter will have multiple region ids while a non-area border router willhave only one, and a router can have one or more associated interfaces.FIG. 8 is a list of links. The links 800 can have as endpoints 804 tworouters, or a router and a network (stub or transit). The routers can beidentified by router ID and/or interface IP address, and the network bymask and/or one or more IP addresses. Alternatively, the associated linkendpoints can be referred to by a pointer to the appropriate entry inanother of the lists 220, 228, and 1100. FIG. 9 is a listing of networks(stub or transit). The networks can be identified by a mask and/or oneor more IP addresses 900. Each network has an associated routerinterface 904 (which is typically indicated by a pointer to thecorresponding router interface in the interface list), and an associateddesignated router (which is typically indicated by a pointer to thecorresponding router in the router list). When interfaces areconsidered, a fourth list 1100 of interfaces can be generated as shownin FIG. 10. In the interface list 1100, interfaces 1104 are identifiedby IP address, interface number, and/or network mask and is associatedwith a router 1108. The associated router 1108 is typically indicated bya pointer to the corresponding router in the router list 220.

In most applications, the data analyzing agent 208 will output therouter and network lists and one of the link and interface lists.

The objects in the network model are typically self-managed objects. Aself-managed object is an object whose lifetime is managed not by itsclients but by the class that it instantiate. The model is implementedby one or more classes containing a static set of pointers to instances.The data analyzing agent 208 adds and removes the object to/from thestatic set. All the objects of the network model, with the exception ofthe interface, are self-managed. Interface objects are owned and managedby the host objects to which they are directly attached.

A number of variations and modifications of the invention can be used.It would be possible to provide for some features of the inventionwithout providing others.

For example in one alternative embodiment, the algorithm is used for aprotocol other than OSPF. The algorithm can be used for anydistance-vector and link-state algorithms which configure routers intogroups based on the information stored in the router and/or divide anenterprise or autonomous system into regions.

In another embodiment, the data collection and data analyzing agents areimplemented in whole or part as an application specific integratedcircuit or other type of logic circuit.

The present invention, in various embodiments, includes components,methods, processes, systems and/or apparatus substantially as depictedand described herein, including various embodiments, sub combinations,and subsets thereof. Those of skill in the art will understand how tomake and use the present invention after understanding the presentdisclosure. The present invention, in various embodiments, includesproviding devices and processes in the absence of items not depictedand/or described herein or in various embodiments hereof, including inthe absence of such items as may have been used in previous devices orprocesses, e.g. For improving performance, achieving ease and/orreducing cost of implementation.

The foregoing discussion of the invention has been presented forpurposes of illustration and description. The foregoing is not intendedto limit the invention to the form or forms disclosed herein. Althoughthe description of the invention has included description of one or moreembodiments and certain variations and modifications, other variationsand modifications are within the scope of the invention, e.g. As may bewithin the skill and knowledge of those in the art, after understandingthe present disclosure. It is intended to obtain rights which includealternative embodiments to the extent permitted, including alternate,interchangeable and/or equivalent structures, functions, ranges or stepsto those claimed, whether or not such alternate, interchangeable and/orequivalent structures, functions, ranges or steps are disclosed herein,and without intending to publicly dedicate any patent able subjectmatter.

1. A method for determining a topology associated with a distributedprocessing network, comprising: selecting a network region from among aplurality of network regions, the network region containing first andsecond sets of routers, wherein the routers in the first set of routersare also members of the second set of routers, wherein the second set ofrouters comprises routers that are not in the first set of routers,wherein the plurality of network regions are defined by at least onerouting protocol, and wherein at least two of the network regions aredefined by a common routing protocol; contacting a first router in thesecond set of routers to determine at least one of the routers in thefirst set of routers, the first router not being in the first set ofrouters; thereafter contacting each of the routers in the first set ofrouters but not each of the other routers in the second set of routers,the first set of routers having fewer members than the second set ofrouters; accessing network information maintained by at least some ofthe contacted routers in the first set of routers; setting a flag valuefor each of the routers in the first set of routers, wherein the flagvalue depends upon the state of the contact with the associated routerand/or router interface; and generating a representation of the networktopology in the selected network region based on the accessed networkinformation.
 2. The method of claim 1, wherein in the contacting step aninterface associated with each of the routers in the first set iscontacted and wherein the first router is not located on a boundarybetween adjacent network regions.
 3. The method of claim 2, wherein theplurality of network regions correspond with a plurality of areas asdefined by the Open Shortest Path First protocol and wherein the networkis an enterprise network.
 4. The method of claim 3, wherein each of therouters in the first set of routers is an area border router.
 5. Themethod of claim 3, wherein at least some of the routers in the secondset of routers are not an area border router.
 6. The method of claim 1,wherein the generating step comprises: maintaining a router tablelisting one or more attributes of at least one of (i) each of therouters in the first router set and (ii) one or more interfacesassociated with each of the routers in the first router set andexcluding one or more attributes associated with each of the otherrouters and/or an interface attached thereto in the second router set.7. The method of claim 6, wherein the accessing step comprises: settinga flag for each of the listed routers and/or interfaces indicating anoutcome of the contacting step.
 8. The method of claim 1, wherein thenetwork information comprises link state advertisements and wherein thegenerating step comprises: storing the link state advertisements in alink state advertisement table, wherein the link state advertisementsare indexed by an associated area.
 9. The method of claim 7, wherein thegenerating step comprises: determining a link state advertisement typefor a plurality of the link state advertisements in the link stateadvertisement table, wherein higher numbered link state advertisementtypes are processed before lower numbered link state advertisementtypes.
 10. The method of claim 1, wherein in the generating step therepresentation is a listing of routers, links, interfaces, and networks.11. The method of claim 1, wherein the generating step comprises:discarding at least some of the information based on at least one of atype of the information and a type of link associated with theinformation.
 12. The method of claim 11, wherein the type of link is atype of state advertisement and the type of information is an extensiontype associated with a link state advertisement.
 13. The method of claim11, wherein the at least one of a type of the information and a type oflink is a type of the information.
 14. The method of claim 11, whereinthe at least one of a type of the information and a type of link is atype of link.
 15. The method of claim 1, wherein the plurality ofnetwork regions comprises first network regions and second networkregions and wherein the generating step comprises: discarding networkinformation associated with one or more selected first network regions;and updating a listing of network information associated with one ormore selected second network regions.
 16. The method of claim 1, whereinthe accessing step outputs a link state advertisement table listing aplurality of link state advertisements and selected network regionsassociated with link state advertisement and, for each selected networkregion, interactively performing the following steps: selecting a linkstate advertisement associated with the selected network region; parsingthe selected link state advertisement; constructing at least one ofrouter, interface, link, and network objects referenced in the selectedlink state advertisement, the object containing information in theselected link state advertisement; and repeating the selecting, parsing,and constructing steps until each link state advertisement associatedwith the selected network region has been considered.
 17. The method ofclaim 16, wherein the interactively performed steps further comprise:comparing a first link state advertisement associated with the selectednetwork region with a second link state advertisement associated withthe selected network region; and when the first and second link stateadvertisements correspond to one another, constructing an interfaceobject containing information contained in the first and second linkstate advertisements.
 18. The method of claim 16, wherein in theinteractively performed steps the following rule is employed: where apoint-to-point link having no corresponding stub network link is assumedto be unnumbered.
 19. The method of claim 16, wherein the followingadditional steps are performed in the interactively performed steps:comparing a first link state advertisement associated with the selectednetwork region with a second link state advertisement associated withthe selected network region; and when the first and second link stateadvertisements correspond to one another, identifying at least oneattribute of at least one of a router, interface, link, and network. 20.The method of claim 1, wherein, in the thereafter contacting andaccessing steps, the plurality of network regions and network regiontopology are determined, and wherein, in the contacting step andthereafter contacting and accessing steps, signals transmitted to atleast some of the contacted routers cross over a boundary betweenadjacent defined network regions.
 21. The method of claim 1, wherein thenetwork topology corresponds to OSI Layer 3 topology.
 22. The method ofclaim 1, wherein the at least some of the contacted routers in the firstset of routers exclude at least one router in the first set of routersbecause the at least one router is configured according to one or moreselected routing protocols.
 23. The method of claim 1, furthercomprising: at least one of not contacting and not accessing networkinformation in a router when the router is associated with an IP addressthat is not a member of a set of IP addresses.
 24. The method of claim1, further comprising: at least one of not contacting and not accessingnetwork information in a router when the router is in a network regionthat is not a member of a set of network regions.
 25. The method ofclaim 1, further comprising: querying a user whenever a PreviouslyPresented region is discovered to determine whether or not thediscovered region is of interest to the user.
 26. The method of claim 1,wherein, in the generating step, virtual link information is ignored.27. The method of claim 1, further comprising: accessing networkinformation from the at least some of the contacted routers in the firstset of routers only when the at least some of the contacted routers useone or more selected routing protocols.
 28. A system for determining atopology associated with a distributed processing network, comprising:means for extracting a first set of routers from among a larger, secondset of routers in at least a selected portion of a distributedprocessing network, wherein the routers in the first set of routers arealso members of the second set of routers, wherein the second set ofrouters comprises routers that are not in the first set of routers,wherein the first set of routers is located in a plurality of networkregions, wherein the plurality of network regions are defined by atleast one routing protocol, and wherein at least two of the networkregions are defined by a common routing protocol; means for contacting afirst router in the second set of routers to determine at least one ofthe routers in the first set of routers, the first router not being inthe first set of routers, and thereafter contacting each of the routersin the first set of routers but not each of the other routers in thesecond set of routers; means for accessing network informationmaintained by at least some of the contacted routers in the first set ofrouters; means for setting a flag value for each of the routers in thefirst set of routers, wherein the flag value depends upon the state ofthe contact with the associated router; and means for generating arepresentation of the network topology in the selected portion of thedistributed processing network based on the accessed networkinformation.
 29. The system of claim 28, wherein the first and secondsets of routers are associated with the plurality of regions.
 30. Thesystem of claim 28, wherein the plurality of regions are a plurality ofareas as defined by the Open Shortest Path First protocol.
 31. Thesystem of claim 28, wherein each of the routers in the first set ofrouters is an area border router.
 32. The system of claim 28, wherein atleast one of the routers in the second set of routers is not an areaborder router and wherein the first router is not an area border router.33. The system of claim 28, further comprising: a router table listingeach of the routers in the first set of routers but not each of therouters in the second set of routers.
 34. The system of claim 28,wherein the information comprises link state advertisements and furthercomprising: means for storing the link state advertisements in a linkstate advertisement table, wherein the link state advertisements areindexed by an associated area.
 35. The system of claim 34, furthercomprising: means for determining a link state advertisement type for aplurality of the link state advertisements in the link stateadvertisement table, wherein higher numbered link state advertisementtypes are processed before lower numbered link state advertisementtypes.
 36. The system of claim 28, further comprising: means forprocessing the information to form a listing of routers, links, andnetworks.
 37. The system of claim 28, further comprising: filteringmeans for discarding at least some of the information based on at leastone of a type of the information and a type of link associated with theinformation.
 38. The system of claim 37, wherein the at least one of atype of the information and a type of link is a type of the information.39. The system of claim 37, wherein the at least some of the informationbased on at least one of a type of the information and a type of linkassociated with the information is a type of link.
 40. The system ofclaim 28, wherein the means for contacting transmits signals to at leastsome of the contacted routers across a boundary between adjacent definednetwork areas when the means for contacting and means for accessingdetermine the network regions and topology in each network region. 41.The system of claim 28, wherein the network topology corresponds to OSILayer 3 topology.
 42. A system for determining a topology associatedwith a distributed processing network, comprising: a data collectionagent to (a) select a first set of routers from among a larger, secondset of routers in at least a selected portion of a distributedprocessing network, wherein the routers in the first set of routers arealso members of the second set of routers, wherein the second set ofrouters comprises routers that are not in the first set of routers,wherein the first set of routers are located in a plurality of networkregions, wherein the plurality of network regions are defined by atleast one routing protocol, and wherein at least two of the networkregions are defined by a common routing protocol, (b) contact a firstrouter in the second set of routers to determine at least one of therouters in the first set of routers, the first router not being in thefirst set of routers, and thereafter contact each of the routers in thefirst set of routers but not each of the other routers in the second setof routers, and (c)load network information maintained by at least someof the contacted routers in the first set of routers; a flag valueassociated with each of the routers in the first set of routers, whereinthe flag value depends upon the state of the contact with the associatedrouter; and a data analyzing agent for generating a representation ofthe network topology of the selected portion of the distributedprocessing network based on the loaded network information.
 43. Thesystem of claim 42, wherein the first and second sets of routers areassociated with the plurality of regions and wherein the first router isnot located on a boundary between adjacent network regions.
 44. Thesystem of claim 43, wherein the plurality of regions are a plurality ofareas as defined by the Open Shortest Path First protocol.
 45. Thesystem of claim 42, wherein each of the routers in the first set ofrouters is an area border router.
 46. The system of claim 42, wherein atleast one of the routers in the second set of routers is not an areaborder router.
 47. The system of claim 42, further comprising: a routertable listing each of the routers in the first set of routers but noteach of the other routers in the second set of routers.
 48. The systemof claim 42, wherein the information comprises link state advertisementsand further comprising: a link state advertisement table containing aplurality of link state advertisements indexed by an associated area.49. The system of claim 48, wherein the data analyzing agent is furtheroperable to determine a link state advertisement type for a plurality ofthe link state advertisements in the link state advertisement table,wherein higher numbered link state advertisement types are processedbefore lower numbered link state advertisement types, and process eachof the link state advertisements based on the determined link stateadvertisement type.
 50. The system of claim 42, wherein the dataanalyzing agent is further operable to process the network informationto form a listing of routers, links, and networks.
 51. The system ofclaim 42, wherein the data analyzing agent is further operable toprocess the network information and output a network model and whereinat least one of the data collection and data analyzing agents isconfigured to discard at least some of the information based on at leastone of a type of the information and a type of link associated with theinformation.
 52. The system of claim 51, wherein the at least one of atype of the information and a type of link associated with theinformation is a type of the information.
 53. The system of claim 51,wherein the at least one of a type of the information and a type of linkassociated with the information is a type link.
 54. The system of claim42, wherein the data collection agent transmits signals to at least someof the contacted routers across a boundary between adjacent definednetwork regions when the data collection agent determines the networkregions and topology in each network region.
 55. The system of claim 42,wherein the network topology corresponds to OSI Layer 3 topology.
 56. Amethod for determining a topology associated with a distributedprocessing network, comprising: selecting a network region from among aplurality of network regions, the network region containing first andsecond sets of routers, wherein the routers in the first set of routersare also members of the second set of routers, wherein the second set ofrouters comprises routers that are not in the first set of routers,wherein the plurality of network regions are defined by at least onerouting protocol, and wherein at least two of the network regions aredefined by a common routing protocol; contacting a first router in thesecond set of routers to determine at least one of the routers in thefirst set of routers, the first router not being in the first set ofrouters; thereafter contacting each of the routers in the first set ofrouters but not each of the other routers in the second set of routers,the first set of routers having fewer members than the second set ofrouters; accessing network information maintained by at least some ofthe contacted routers in the first set of routers; generating arepresentation of the network topology in the selected network regionbased on the accessed network information; maintaining a router tablelisting one or more attributes of at least one of (i) each of therouters in the first router set and (ii) one or more interfacesassociated with each of the routers in the first router set andexcluding one or more attributes associated with each of the otherrouters and/or an interface attached thereto in the second router set;and setting a flag for each of the listed routers and/or interfacesindicating an outcome of the contacting step.
 57. A method fordetermining a topology associated with a distributed processing network,comprising: selecting a network region from among a plurality of networkregions, the network region containing first and second sets of routers,wherein the routers in the first set of routers are also members of thesecond set of routers, wherein the second set of routers comprisesrouters that are not in the first set of routers, wherein the pluralityof network regions are defined by at least one routing protocol, andwherein at least two of the network regions are defined by a commonrouting protocol; contacting a first router in the second set of routersto determine at least one of the routers in the first set of routers,the first router not being in the first set of routers; thereaftercontacting each of the routers in the first set of routers but not eachof the other routers in the second set of routers, the first set ofrouters having fewer members than the second set of routers; accessingnetwork information maintained by at least some of the contacted routersin the first set of routers, wherein the network information compriseslink state advertisements; generating a representation of the networktopology in the selected network region based on the accessed networkinformation; storing the link state advertisements in a link stateadvertisement table, wherein the link state advertisements are indexedby an associated area; and determining a link state advertisement typefor a plurality of the link state advertisements in the link stateadvertisement table, wherein higher numbered link state advertisementtypes are processed before lower numbered link state advertisementtypes.
 58. A method for determining a topology associated with adistributed processing network, comprising: selecting a network regionfrom among a plurality of network regions, the network region containingfirst and second sets of routers, wherein the routers in the first setof routers are also members of the second set of routers, wherein thesecond set of routers comprises routers that are not in the first set ofrouters, wherein the plurality of network regions are defined by atleast one routing protocol, and wherein at least two of the networkregions are defined by a common routing protocol; contacting a firstrouter in the second set of routers to determine at least one of therouters in the first set of routers, the first router not being in thefirst set of routers; thereafter contacting each of the routers in thefirst set of routers but not each of the other routers in the second setof routers, the first set of routers having fewer members than thesecond set of routers; accessing network information maintained by atleast some of the contacted routers in the first set of routers, whereinthe network information comprises link state advertisements; wherein theaccessing step outputs a link state advertisement table listing aplurality of link state advertisements and selected network regionsassociated with link state advertisement and, for each selected networkregion, interactively performing the following steps according to a rulestating where a point-to-point link has no corresponding stub networklink the point-to-point link is assumed to be unnumbered: (i) selectinga link state advertisement associated with the selected network region;(ii) parsing the selected link state advertisement; (iii) constructingat least one of router, interface, link, and network objects referencedin the selected link state advertisement, the object containinginformation in the selected link state advertisement; (iv) repeating theselecting, parsing, and constructing steps until each link stateadvertisement associated with the selected network region has beenconsidered; and generating a representation of the network topology inthe selected network region based on the accessed network information.59. A method for determining a topology associated with a distributedprocessing network, comprising: selecting a network region from among aplurality of network regions, the network region containing first andsecond sets of routers, wherein the routers in the first set of routersare also members of the second set of routers, wherein the second set ofrouters comprises routers that are not in the first set of routers,wherein the plurality of network regions are defined by at least onerouting protocol, and wherein at least two of the network regions aredefined by a common routing protocol; contacting a first router in thesecond set of routers to determine at least one of the routers in thefirst set of routers, the first router not being in the first set ofrouters; thereafter contacting each of the routers in the first set ofrouters but not each of the other routers in the second set of routers,the first set of routers having fewer members than the second set ofrouters, wherein the at least some of the contacted routers in the firstset of routers exclude at least one router in the first set of routersbecause the at least one router is configured according to one or moreselected routing protocols; accessing network information maintained byat least some of the contacted routers in the first set of routers; andgenerating a representation of the network topology in the selectednetwork region based on the accessed network information.
 60. A methodfor determining a topology associated with a distributed processingnetwork, comprising: selecting a network region from among a pluralityof network regions, the network region containing first and second setsof routers, wherein the routers in the first set of routers are alsomembers of the second set of routers, wherein the second set of routerscomprises routers that are not in the first set of routers, wherein theplurality of network regions are defined by at least one routingprotocol, and wherein at least two of the network regions are defined bya common routing protocol; contacting a first router in the second setof routers to determine at least one of the routers in the first set ofrouters, the first router not being in the first set of routers;thereafter contacting each of the routers in the first set of routersbut not each of the other routers in the second set of routers, thefirst set of routers having fewer members than the second set ofrouters; accessing network information maintained by at least some ofthe contacted routers in the first set of routers; at least one of notcontacting and not accessing network information in a router when therouter is associated with an IP address that is not a member of a set ofIP addresses; and generating a representation of the network topology inthe selected network region based on the accessed network information.61. A method for determining a topology associated with a distributedprocessing network, comprising: selecting a network region from among aplurality of network regions, the network region containing first andsecond sets of routers, wherein the routers in the first set of routersare also members of the second set of routers, wherein the second set ofrouters comprises routers that are not in the first set of routers,wherein the plurality of network regions are defined by at least onerouting protocol, and wherein at least two of the network regions aredefined by a common routing protocol; contacting a first router in thesecond set of routers to determine at least one of the routers in thefirst set of routers, the first router not being in the first set ofrouters; thereafter contacting each of the routers in the first set ofrouters but not each of the other routers in the second set of routers,the first set of routers having fewer members than the second set ofrouters; accessing network information maintained by at least some ofthe contacted routers in the first set of routers; generating arepresentation of the network topology in the selected network regionbased on the accessed network information; and querying a user whenevera Previously Presented region is discovered to determine whether or notthe discovered region is of interest to the user.
 62. A method fordetermining a topology associated with a distributed processing network,comprising: selecting a network region from among a plurality of networkregions, the network region containing first and second sets of routers,wherein the routers in the first set of routers are also members of thesecond set of routers, wherein the second set of routers comprisesrouters that are not in the first set of routers, wherein the pluralityof network regions are defined by at least one routing protocol, andwherein at least two of the network regions are defined by a commonrouting protocol; contacting a first router in the second set of routersto determine at least one of the routers in the first set of routers,the first router not being in the first set of routers; thereaftercontacting each of the routers in the first set of routers but not eachof the other routers in the second set of routers, the first set ofrouters having fewer members than the second set of routers; accessingnetwork information maintained by at least some of the contacted routersin the first set of routers; generating a representation of the networktopology in the selected network region based on the accessed networkinformation, wherein virtual link information is ignored.
 63. A methodfor determining a topology associated with a distributed processingnetwork, comprising: selecting a network region from among a pluralityof network regions, the network region containing first and second setsof routers, wherein the routers in the first set of routers are alsomembers of the second set of routers, wherein the second set of routerscomprises routers that are not in the first set of routers, wherein theplurality of network regions are defined by at least one routingprotocol, and wherein at least two of the network regions are defined bya common routing protocol; contacting a first router in the second setof routers to determine at least one of the routers in the first set ofrouters, the first router not being in the first set of routers;thereafter contacting each of the routers in the first set of routersbut not each of the other routers in the second set of routers, thefirst set of routers having fewer members than the second set ofrouters; accessing network information maintained by at least some ofthe contacted routers in the first set of routers; accessing networkinformation from the at least some of the contacted routers in the firstset of routers only when the at least some of the contacted routers useone or more selected routing protocols; and generating a representationof the network topology in the selected network region based on theaccessed network information.
 64. A system for determining a topologyassociated with a distributed processing network, comprising: a datacollection agent to (a) select a first set of routers from among alarger, second set of routers in at least a selected portion of adistributed processing network, wherein the routers in the first set ofrouters are also members of the second set of routers, wherein thesecond set of routers comprises routers that are not in the first set ofrouters, wherein the first set of routers are located in a plurality ofnetwork regions, wherein the plurality of network regions are defined byat least one routing protocol, and wherein at least two of the networkregions are defined by a common routing protocol, (b) contact a firstrouter in the second set of routers to determine at least one of therouters in the first set of routers, the first router not being in thefirst set of routers, and thereafter contact each of the routers in thefirst set of routers but not each of the other routers in the second setof routers, and (c) load network information maintained by at least someof the contacted routers in the first set of routers, wherein the loadednetwork information comprises link state advertisements; a link stateadvertisement table containing a plurality of link state advertisementsindexed by an associated area; and a data analyzing agent for generatinga representation of the network topology of the selected portion of thedistributed processing network based on the loaded network informationand determining a link state advertisement type for a plurality of thelink state advertisements in the link state advertisement table, whereinhigher numbered link state advertisement types are processed beforelower numbered link state advertisement types, and process each of thelink state advertisements based on the determined link stateadvertisement type.